Kick Those Scripts to the Sandbox: Web Security is Your Responsibility

Do you want Tweets or your latest Instagram food picture to display nicely in your site? Just load this third-party script into your site — never mind what it does! … err, what’s the difference between third-party scripts and a cross-site scripting attack again? Can’t third-party scripts steal user credentials, track users without their consent, and hijack your site for advertising purposes? In this talk, we’ll discuss different ways of sandboxing these scripts to increase your site’s security, stability, and protect the privacy of your users. You’ll leave with an understanding of the latest browser features designed to protect you and your users.


Talk history

  • VueDC in Arlington, VA
  • DC JavaScript in Washington, DC